Vulnerability Description
SAP GUI for Windows - version 7.70, 8.0, allows an unauthorized attacker to gain NTLM authentication information of a victim by tricking it into clicking a prepared shortcut file. Depending on the authorizations of the victim, the attacker can read and modify potentially sensitive information after successful exploitation.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sap | Gui For Windows | < 7.70 |
Related Weaknesses (CWE)
References
- https://launchpad.support.sap.com/#/notes/3320467Permissions RequiredVendor Advisory
- https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.htmlVendor Advisory
- https://launchpad.support.sap.com/#/notes/3320467Permissions RequiredVendor Advisory
- https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.htmlVendor Advisory
FAQ
What is CVE-2023-32113?
CVE-2023-32113 is a vulnerability with a CVSS score of 7.5 (HIGH). SAP GUI for Windows - version 7.70, 8.0, allows an unauthorized attacker to gain NTLM authentication information of a victim by tricking it into clicking a prepared shortcut file. Depending on the aut...
How severe is CVE-2023-32113?
CVE-2023-32113 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-32113?
Check the references section above for vendor advisories and patch information. Affected products include: Sap Gui For Windows.